Active Directory Corruption on Exchange Member Server W2K3

Posted on 2009-04-29
Last Modified: 2012-05-06
We had a Win2K3 member server running Exchange 2003 go down today. The server, when rebooted, told us the registry files were corrupt. We went through "Recovery Console" and recovered the registry files from the C:/windows/repair directory.

On reboot, we now get an error that the Directory Services could not start...(Error message 1003 was logged in Event Log). (I was surprised that a Member server (not a DC) would have the AD database on it). We booted into Directory Services Recovery Mode and attempted to recover the AD database. Turns out the database is completely missing on this computer. We have no reliable backup on this machine for the AD. We are stuck.

We have tried to restore the NTDS.dit file from one of our DCs. This did not work. The error message is now: "Directory Services could not start, the password is incorrect"

Anyone have a solution to this. Rebuilding the Exchange server from scratch and installing the backup Exchange database is a last resort.

Question by:drasche
    LVL 65

    Expert Comment

    If it was a member server then shouldn't have anything to do with directory services, therefore I would have to presume that the problem is either that it is a DC or WAS a DC and the DC functionality wasn't removed correctly.

    One option would be to be boot the machine from something like Bart CD, and rescue the Exchange files and database files. Then do a full DR on the system and use the existing database and log files. That will get you back to the state very close to failure.


    Author Comment

    Interestingly, this machine was never a DC. It is our Exchange server though. We are following what we have seen in a number of places, that it is a really good idea to not have your Exchange Server as a DC.

    We built this win2k3 server from scratch and never made it a DC. It had the  c:\windows\NTDS folder. It had a couple files in it but no ntds.dit file. If it was never a DC, I don't understand why we are getting this error.

    The restore of the 5 registry files came from the c:\windows\repair directory, if that has anything to do with it?


    Author Comment

    BTW, what is "DR" that you refer to in the BartCD?
    LVL 65

    Accepted Solution

    The DR I am referring to has nothing to do with BartCD. It is installing Exchange in disaster recovery mode after using the BartCD to get at the file system and remove the data that you need. As long as the domain is ok, then a rebuild of Exchange is quite straight forward.


    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    SBS 2011 corrupt database 3 48
    JItbit AD intergration 4 22
    active directory 5 22
    outllok 2016 and exchange 2010 sp3 1 0
    Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now